Application-Based IDS
Application-based IDS (AppIDS) is an advanced version of HIDS. It examines application for abnormal events. The ability to view encrypted data is the unique advantage ofAppIDS. It may be configured to the following types of intercept requests and use them in combination and sequences.
-File System
-Network Configuration
-Execution Space
Advantages and Disadvantages of AppIDSs
Advantages
-Aware of specific users and can observe interaction between application and user
-Able to operate when the incoming data is encrypted
Disadvantages
-It is more susceptible to attack
-It is less capable of detecting software tampering
- Can be taken in by forms of spoofing